<?php

include('pagina.php');
include('database.php');
include('auth.php');
include('core.php');

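// Require permission level 3 before anything else runs.
// NOTE(review): this assumes validaPermissao() stops the request itself when
// the check fails; its implementation is not visible here, so confirm.
validaPermissao(3);

// A customer id must arrive either in the query string (page view) or in the
// form body (submission). empty() is used instead of reading the index
// directly so that a missing key does not raise an undefined-index notice;
// with display_errors on, such a notice is output before the later header()
// redirect and can break it.
if (empty($_GET['id']) && empty($_POST['id']))
{
	forbidden();
	die();
}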

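// Handle a submitted edit form.
// NOTE(review): no anti-CSRF token is verified before this state-changing
// update. The session/auth helpers are not visible from this file, so a token
// check is not added here; it should be wired in where the session is managed.
if (isset($_POST['submit']) && $_POST['submit'] == 'Submit')
{
	// The id is placed unquoted into SQL and into the redirect URL, so it is
	// reduced to an integer before use. Anything that is not a positive
	// integer is rejected the same way a missing id is.
	$customer_id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;
	if ($customer_id <= 0)
	{
		forbidden();
		die();
	}

	// Empty observations are stored as NULL, otherwise as an escaped literal.
	$obs_sql = "NULL";
	if (!empty($_POST['obs']) && is_string($_POST['obs']))
	{
		$obs_sql = "'" . mysql_real_escape_string($_POST['obs']) . "'";
	}
	query_bd("UPDATE customers SET obs= " . $obs_sql . " WHERE id={$customer_id}");

	// Look up the contact row that belongs to this customer.
	$contacts = query_fetch("SELECT contact_id FROM customers WHERE id={$customer_id}");
	$contact_id = $contacts ? (int) $contacts['contact_id'] : 0;

	// Build the SET list for the contact. Every request value is escaped (or
	// cast, for the numeric column) before it reaches the SQL text; an empty
	// or non-string value becomes NULL.
	// NOTE(review): mysql_real_escape_string() needs an open mysql connection;
	// presumably database.php opens one, as the obs update relied on it too.
	// Prepared statements (PDO/mysqli) would be the durable fix.
	$contact_fields = array('name', 'number', 'street', 'complement', 'city',
			  'state', 'zipcode', 'phone', 'cellphone', 'email');
	$assignments = array();
	foreach ($contact_fields as $field)
	{
		if (empty($_POST[$field]) || !is_string($_POST[$field]))
		{
			$sql_value = "NULL";
		}
		elseif ($field == 'number')
		{
			// "number" is written unquoted, so only an integer may pass.
			$sql_value = (string) (int) $_POST[$field];
		}
		else
		{
			$sql_value = "'" . mysql_real_escape_string($_POST[$field]) . "'";
		}
		$assignments[] = $field . "=" . $sql_value;
	}

	query_bd("UPDATE contacts SET " . implode(", ", $assignments) .
	" WHERE id ='{$contact_id}'");

	// Redirect with the validated integer id and a URL-encoded message so the
	// Location header carries no raw request data.
	header( "Location: customer.php?id={$customer_id}&msg=" . urlencode("Customer data update succesfully.") );
	exit;
}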

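// Load the customer record. The id comes from the query string, so it is
// reduced to an integer before being placed in the SQL text.
$requested_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
$customer = query_fetch("SELECT * FROM customers WHERE id='{$requested_id}'");

// No such customer: answer 404 and stop, so the code below never runs with an
// empty record. The explicit exit mirrors the forbidden()/die() pair used
// earlier in this script.
if (!$customer)
{
    response_404();
    exit;
}

// Load the contact row. contact_id is cast so that a NULL or unexpected value
// cannot produce malformed SQL.
$customer_contact = query_fetch("SELECT * FROM contacts WHERE id=" . (int) $customer['contact_id']);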

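// Start the page header.
pagina_inicio('ParkSys - Edit Customer');
adicionar_js('input-format.js');
pagina_head();

// Stored values are user-supplied text, so each one is HTML-escaped before it
// is written into an attribute or the textarea. ENT_QUOTES is required
// because the attributes below are delimited with single quotes.
// NOTE(review): htmlspecialchars() uses the PHP default charset here; confirm
// it matches the encoding the page is served in.
$safe_id = (int) $customer['id'];
$safe_contact = array();
foreach (array('name', 'number', 'street', 'complement', 'city', 'state',
		  'zipcode', 'phone', 'cellphone', 'email') as $field)
{
	$raw_value = isset($customer_contact[$field]) ? (string) $customer_contact[$field] : '';
	$safe_contact[$field] = htmlspecialchars($raw_value, ENT_QUOTES);
}
$safe_obs = htmlspecialchars(isset($customer['obs']) ? (string) $customer['obs'] : '', ENT_QUOTES);

// Offer a way to cancel the edit.
echo "<ul id=opcoes>";
echo "<li class='negative'><a href='customer.php?id={$safe_id}'><img src='img/cancel.png' alt=''>Cancel Edit</a></li>";
echo "</ul><br>";

echo "<form id=customer_edit class=big_form method=POST action='customer_edit.php'>";
echo "<h1>Edit Customer</h1><br>";
echo "<input type=HIDDEN name=id value='{$safe_id}' />";
echo "<label for='name'>Customer name:</label> <input type=TEXT id=name name=name value='{$safe_contact['name']}' size=40 /><br>";

echo "<hr><h2>Contact</h2><br>";
echo "<label for='number'>Number:</label> <input type=TEXT id=number name=number value='{$safe_contact['number']}' maxlength=80 size=8 onChange='format_int(this)' />";
echo " <label for='street'>Street:</label> <input type=TEXT id=street name=street value='{$safe_contact['street']}' size=30 />";
echo " <label for='complement'>Complement:</label> <input type=TEXT id=complement name=complement value='{$safe_contact['complement']}' size=10 maxlength=30 /><br>";
echo "<label for='city'>City:</label> <input type=TEXT id=city name=city value='{$safe_contact['city']}' size=10 maxlength=30 />";
echo " <label for='state'>State:</label> <input type=TEXT id=state name=state value='{$safe_contact['state']}' size=8 maxlength=10 />";
echo " <label for='zipcode'>Zipcode:</label> <input type=TEXT id=zipcode name=zipcode value='{$safe_contact['zipcode']}' size=6 maxlength=10 /><br>";
echo "<label for='phone'>Phone:</label> <input type=TEXT id=phone name=phone value='{$safe_contact['phone']}' size=12 maxlength=20 />";
echo " <label for='cellphone'>Cellphone:</label> <input type=TEXT id=cellphone name=cellphone value='{$safe_contact['cellphone']}' size=12 maxlength=20 /><br>";
echo "<label for='email'>Email:</label> <input type=TEXT id=email name=email value='{$safe_contact['email']}' size=20 maxlength=30 />";

echo "<hr><label for='obs'>Observations:</label><br><textarea id=obs name=obs cols=40 rows=5 />";
// Escaped so stored text cannot close the textarea and inject markup.
echo $safe_obs;
echo "</textarea>";
echo "<hr>";
echo "<input type=SUBMIT name=submit value='Submit' />";
echo "</form>";

// Finish the page.
pagina_fim();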
?>
